From Spotlight to Shadow

Dramatically reduce the fidelity of your online persona

Security Baseline

Taking ownership

Organize accounts using a password manager

Reclaiming digital sovereignty starts with knowing which accounts exist and securing them. Learning how to use a password manager does require effort, but eliminating shared passwords between accounts is priority-1. Think of it as finally cleaning out the garage. Sorting it all out will be meditative, and satisfaction will come with organization. Change passwords, delete unnecessary accounts, and enable two-factor authentication. I recommend Proton Pass or Bitwarden.

Fundamental Privacy Hygiene

Limiting personal data collection

Use A Web Tracking Blocker

Tracker blockers (e.g. Brave, PrivacyBadger) prevent the sites you visit from quietly contacting other sites known to be collecting personal data or information about your behavior. Where possible, use websites over mobile apps to gain tracker protection.

Use Apple Pay/Google Pay

These use tokenization to replace your card number with a device-specific virtual ID. While this ID stays the same, each transaction uses a uniqueone-time security code, ensuring your actual card details are never exposed to the merchant.

Avoid Loyalty Programs

From just a phone number or email, retailers can buy the rest of your profile from brokers. They will associate your purchases with your account, and resell transaction and account details. If you must have a membership, opt out of data sharing.

Avoid Retailer data grabs

Whenever asked to provide personal info, pause. Ask yourself why.

  • Decline email receipts

  • Don’t trade your email address for 10%-off coupons

  • Hard pass when cashiers ask for your phone number

  • Don’t join retailers’ Wi-Fi (1)

  • Avoid retailer apps, ads, and QR codes

  • Where possible, insist on a manual ID check. Don’t allow your driver’s license to be scanned.

Audit Mobile Apps

Apps can leak dizzying amounts of telemetry; avoid them when possible. Delete any unneeded apps and review permissions given to each—especially limit location, contacts, and network/nearby device access wherever they’re not obviously needed for the app to function.

Outcome

These steps avoid the primary mechanisms retailers and brokers use to tie online behavior and purchases to an identity. Without a personal data point to start with, your personal information isn’t retrievable from data brokers, and retailers have no interesting, identifiable information to sell.

Limitations still exist with this setup. If you always use the same device + card with Apple or Google Pay, the retailer can tie multiple transactions together—but only as an anonymous shopper in most instances. In cases where opt-out programs exist, the limiting of data sharing varies. Frequently you are only opting out of data sharing for marketing/advertising. How you use a service is likely still captured and “anonymized” data may still be shared. Any data needed for fraud prevention is also collected.

Despite limitations, these guidelines dramatically reduce the flow of data contributing to your digital footprint.